<!--  Nguyen Huu Nhat -->
<?php
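// Bootstrap: resume the session, run the admin gate, load constants and the DB link.
// NOTE(review): the HTML comment above the opening PHP tag is sent to the client before
// this call, so unless output buffering is enabled a new session cookie cannot be set
// here; the @ hides the resulting "headers already sent" warning.
@session_start();
// require instead of include: a missing or unreadable file now aborts the request.
// With include, PHP only emits a warning and continues, so a failed load of
// CheckAdmin.php (presumably the admin-only access check; confirm) would leave this
// account-creation page running with no gate at all.
require '../Security/CheckAdmin.php';
require '../Home/DefineVar.php';
require '../DataBase/ConnectDB.php';
if (!mysql_select_db(MYSQL_DATABASE, $link)) {
	// Driver error text goes to the server log only, not to the browser.
	error_log('Could not select database: '.mysql_error());
	exit('Could not select database');
}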

/**
 * Collapse a value to 1 or 0 using PHP truthiness.
 *
 * For string input only '' and '0' yield 0; every other string, including
 * 'false' or 'no', yields 1.
 * NOTE(review): the result is written to the isAdmin column, so confirm the
 * form can only submit the intended values.
 *
 * @param mixed $isAdmin value to test
 * @return int 1 when $isAdmin is truthy, otherwise 0
 */
function checkAdmin($isAdmin){
	return $isAdmin ? 1 : 0;
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<?php
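////////////////////////////////////////////////////////////////////////
// Create a new user account from the submitted form fields.
//
// NOTE(review): the fields are read from $_GET, so the password and the isAdmin flag
// travel in the URL (browser history, proxy and access logs) and this state-changing
// request can be triggered by a plain link. Moving to POST with an anti-CSRF token
// needs a matching change in the form page, which is not visible here.

// Normalise the input: a missing or non-string (array) parameter becomes ''.
// Previously such a request raised notices and still went on to create a row.
$input = array();
foreach (array('accountName', 'pass1', 'fullName', 'mail', 'phone', 'address', 'isAdmin') as $field) {
	$input[$field] = (isset($_GET[$field]) && is_string($_GET[$field])) ? $_GET[$field] : '';
}
// Refuse to create an account with an empty name or an empty password; without this
// check a bare request stored a user whose password hash is the well-known sha1('').
// NOTE(review): reuses USER_CRE_ERR_MESS because no dedicated "invalid input" message
// is visible here; confirm the wording fits.
if ($input['accountName'] === '' || $input['pass1'] === '') {
	print("<br><script type='text/javascript'> alert('".USER_CRE_ERR_MESS."'); window.location ='../Home/Home.php';</script> ");
	exit();
}

// NOTE(review): the legacy mysql_* extension has no prepared statements, so every value
// is escaped and then placed inside quotes below. Escaping is only reliable when the
// connection charset is set on the link (set up in ConnectDB.php, not visible here).
$accountName = mysql_real_escape_string($input['accountName']);
// NOTE(review): unsalted SHA-1 is not suitable for password storage (password_hash /
// password_verify is the replacement), and escaping before hashing changes the hashed
// bytes for passwords containing quotes or backslashes. Both are left as they are
// because the login code, not visible here, presumably derives the same value;
// change the two sides together.
$pass = sha1(mysql_real_escape_string($input['pass1']));
$fullName = mysql_real_escape_string($input['fullName']);
$mail = mysql_real_escape_string($input['mail']);
$phone = mysql_real_escape_string($input['phone']);
$address = mysql_real_escape_string($input['address']);
$isAdmin = mysql_real_escape_string($input['isAdmin']);

// Check whether the account name already exists in the database.
// NOTE(review): this SELECT and the INSERT below are not atomic; two concurrent requests
// can both pass the check unless accountname has a UNIQUE index (schema not visible).
$query = "SELECT * FROM ".MYSQL_TABLE_USERINFOR." WHERE accountname='$accountName';";
$result = mysql_query($query, $link);
if(!$result){
	print("<br><script type='text/javascript'> alert('".SQL_ERR_MESS."'); window.location ='../Home/Home.php';</script> ");
	exit();
}
// A fetched row means the name is taken: report it and stop.
if(mysql_fetch_row($result) !== false){
	print("<br><script type='text/javascript'> alert('".USER_CRE_ERR_MESS."'); window.location ='../Home/Home.php';</script> ");
	exit();
}

// Store the new user in the database. checkAdmin() reduces the flag to a literal 0 or 1,
// so it is safe to place unquoted; any non-empty value other than '0' becomes 1.
$query = "INSERT INTO ".MYSQL_TABLE_USERINFOR."(accountname, password, name, mail, phone, address, isAdmin, isconfirm) VALUES('$accountName', '$pass', '$fullName', '$mail', '$phone', '$address', ".checkAdmin($isAdmin).", 1);";
if(($result = mysql_query($query, $link))){
	print("<br><script type='text/javascript'> alert('".USER_CRE_OK_MESS."'); window.location ='CreateUser.php';</script> ");
}
else {
	print("<br><script type='text/javascript'> alert('".SQL_ERR_MESS."'); window.location ='../Home/Home.php';</script> ");
}
mysql_close($link);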
?>
</body>
</html>
